Add e2e test case for SecondaryNetwork of SR-IOV type #6922
Conversation
luolanzone
added
the
area/secondary-network
wenqiq
force-pushed
the
add-sriov-e2e
branch
4 times, most recently
from
758c687 to
1f77538
Compare
wenqiq
changed the title
| sudo systemctl restart containerd | ||
| sudo systemctl enable containerd | ||
|
|
||
| echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list |
There was a problem hiding this comment.
Can this v1.32 be a parameter of the script? then we can use the latest K8s if we need in the future through the Jenkins job.
| sudo apt install -y docker.io | ||
| sudo docker --version | ||
|
|
||
| sudo apt-get update |
There was a problem hiding this comment.
I think this line can be removed.
There was a problem hiding this comment.
It would fail during install the tools.
| - cidr: "172.31.22.0/24" | ||
| subnetInfo: | ||
| gateway: "172.31.16.1" |
There was a problem hiding this comment.
Where are these IPs from? or it's totally a private CIDR which can be defined by us without any limitation?
| resNum = sriovResNum | ||
| if pod.isSRIOV { | ||
| resNum = 1 |
There was a problem hiding this comment.
I'm a bit confused, it seems resNum is set to the number specific to SRIOV in both cases.
There was a problem hiding this comment.
In the testSecondaryNetwork test case it should set to 3 (sriovResNum = 3), and it is 1 in this test case:
apiVersion: v1
kind: Pod
metadata:
name: sample-pod-1
labels:
app: sample-pod-1
annotations:
k8s.v1.cni.cncf.io/networks: sriov-net1
spec:
containers:
- name: toolbox
image: antrea/toolbox:latest
resources:
requests:
intel.com/intel_sriov_netdevice: '1'
limits:
intel.com/intel_sriov_netdevice: '1'
There was a problem hiding this comment.
It may make sense at this point to just remove the existing TestSriovNetwork (which was meant for baremetal) since we never run it, in order to avoid confusion. cc @jianjuns
There was a problem hiding this comment.
I am fine to remove the baremetal test.
| t.Run("testCreateTestPodOnNode", func(t *testing.T) { | ||
| err := testData.createPods(t, e2eTestData.GetTestNamespace()) | ||
| assert.NoError(t, err) | ||
| }) | ||
| t.Run("testAssignPodIP", func(t *testing.T) { | ||
| err := testData.assignIP() | ||
| if err != nil { | ||
| t.Fatalf("Error when assign IP to ec2 instance: %v", err) | ||
| } | ||
| }) | ||
| t.Run("testpingBetweenInterfaces", func(t *testing.T) { |
There was a problem hiding this comment.
These are 3 steps of a single test, shouldn't be 3 tests.
There was a problem hiding this comment.
Updated. I saw the testSecondaryNetwork function use two tests and updated them.
wenqiq
force-pushed
the
add-sriov-e2e
branch
2 times, most recently
from
aea2610 to
62000e7
Compare
| install_kubernetes() { | ||
| local node_ip=$1 | ||
| echo "Installing Kubernetes on node $node_ip..." | ||
| ssh -o StrictHostKeyChecking=no -i "$AWS_EC2_SSH_KEY_NAME" ubuntu@$node_ip << EOF |
There was a problem hiding this comment.
would it be realistic to use the Ansible playbook we already have (over SSH) instead of having that long list of commands?
There was a problem hiding this comment.
It seems that integrating Ansible involves significant changes and requires considerable effort. Given the scope of these modifications, it would be more efficient to implement them in a separate pull request (PR).
| resNum = sriovResNum | ||
| if pod.isSRIOV { | ||
| resNum = 1 |
There was a problem hiding this comment.
It may make sense at this point to just remove the existing TestSriovNetwork (which was meant for baremetal) since we never run it, in order to avoid confusion. cc @jianjuns
| return out.String(), nil | ||
| } | ||
|
|
||
| func (data *testData) assignIP() error { |
There was a problem hiding this comment.
it would be good if we could find a way to "isolate" the AWS-specific stuff in a single function and have the test script provide an "aws" flag when running the tests.
The function can iterate over the Pods, retrieve the Node, lookup the eni label and perform the IP assignment, all in one place. We don't need to build the mapping from Pod to eni ahead of time.
| } | ||
|
|
||
| // createNetworkAttachmentDefinition creates a NetworkAttachmentDefinition in the specified namespace. | ||
| func createNetworkAttachmentDefinition(client networkclient.Interface, namespace, name, config string) error { |
There was a problem hiding this comment.
could we let the script create the NetworkAttachmentDefinition with kubectl, like we do in ci/kind/test-secondary-network-kind.sh. This is also how we create the IPPool. I don't see anything "dynamic" here so I am not sure why we are doing it programmatically?
We should probably follow the existing model and create it in the default namespace?
There was a problem hiding this comment.
Since the Namespace where the test Pod is located is randomly generated, the NetworkAttachmentDefinition needs to be in the same Namespace. Otherwise, it won`t work.
wenqiq
force-pushed
the
add-sriov-e2e
branch
from
e4f943c to
7162ed6
Compare
Signed-off-by: Wenqi Qiu <[email protected]>
wenqiq
force-pushed
the
add-sriov-e2e
branch
from
277ec59 to
b5e18b1
Compare
Signed-off-by: Wenqi Qiu <[email protected]>
Signed-off-by: Wenqi Qiu <[email protected]>
Signed-off-by: Wenqi Qiu <[email protected]>
Add a script to create a Kubernetes testbed on AWS VM Nodes with SR-IOV interface configured.
Add e2e test codes for SR-IOV case to validate the traffic between two Pods with secondary network enabled.
Add a Jenkins job named
cloud-antrea-test-aws-sriov-secondary-networkin Jenkins service, and add github comment trigger to trigger the e2e tests for SecondaryNetwork with SR-IOV on demand.The complete test process record:
https://jenkins.antrea.io/job/cloud-antrea-test-aws-sriov-secondary-network/16/